PP-Module for MACsec Ethernet Encryption V1.0 Published! (02 March 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for MACsec Ethernet Encryption V1.0. This was a minor update to align with Network Device cPP v2.2e, add updates requested by the Australian Certification Authority, supports the conversion to PP-Module, and incorporates all applicable NIAP Technical Decisions. This will complete the conversion to PP-Modules for all Extended Packages using ND cPP as a base.
Call for Participants in the Cryptographic Technical Community (23 February 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of Cryptographic requirements. Members of this TC are expected to provide technical input to the development and update of cryptographic Security Functional Requirements (SFRs) to incorporate quantum-resistant (QR) algorithms from the Commercial National Security Algorithm (CNSA) Suite 2.0 across multiple NIAP Protection Profiles. These initial QR updates will focus on implementing Leighton-Micali Signatures (LMS) for software and firmware signing, mandating CNSA Suite 1.0 requirements as minimums, and standardizing selections as much as possible.
Additional QR updates will be made in the future for eXtended Merkle Signature Scheme (XMSS) for software and firmware signing, CRYSTALS-Kyber for key establishment, and CRYSTALS-Dilithium for digital signatures. More information can be found in NSA's CNSA Suite 2.0 Cybersecurtiy Advisory (https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF) and FAQ (https://media.defense.gov/2022/Sep/07/2003071836/-1/-1/0/CSI_CNSA_2.0_FAQ_.PDF).
All interested parties should contact NIAP/CCEVS at tc-crypto-staff@niap-ccevs.org, providing the information listed below for each potential participant:
• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
We look forward to your participation and plan to hold a kickoff meeting in late March, 2023.
Call for Participants in the Mobility Technical Community (17 February 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the PP-Module for MDM Agent v1.1. The purpose of this update is to align with the Protection Profile for General Purpose Operating Systems v4.3 and incorporate Technical Decisions (TDs).
Please note: If you are already a member of this Technical Community, there is no need to re-apply.
All interested parties should contact NIAP/CCEVS at TC-Mobility-Staff@niap-ccevs.org providing the information listed below for each potential participant:
· Name
· Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
· Telephone number
· Email address
· A brief statement of the qualifications for participation in the TC
We look forward to your participation!
NIAP 2022 Annual Report (14 February 2023)
See the NIAP 2022 Annual Report to learn about NIAP accomplishments and activities in 2022. Read the report here.
Authentication Server PP-Module V1.0 Published! (25 January 2023)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Authentication Server PP-Module V1.0. This was a minor update to align with Network Device cPP v2.2e, add two-factor authentication, and support the conversion to PP module. In addition, all applicable NIAP Technical Decisions were incorporated.
Previous Announcements
Functional Package for Transport Layer Security (TLS) Version 2.0 Published (19 December 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Functional Package for Transport Layer Security (TLS) Version 2.0. This update removes TLS 1.1/1.0 and adds TLS 1.3. It also incorporates all applicable Technical Decisions. As new and updated PPs/PP-Modules are published, they will make use of this TLS package, where applicable.
NIAP Progress Report - Third Quarter 2022 (12 December 2022)
See the NIAP Third Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.
PP-Module for STIP v1.1 Published! (17 November 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile-Module for SSL/TLS Inspection Proxy (STIP), Version 1.1. This is a minor update to align with changes to NDcPP v2.2e, and incorporates all applicable Technical Decisions.
Protection Profile for General Purpose Operating Systems v4.3 Published (27 September 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for General Purpose Operating Systems, Version 4.3. This is a minor update to align with the MDM-Agent PP-Module, Bluetooth PP-Module, and TLS Functional Package, provide support to multi-factor authentication, updating algorithmic support for Commercial National Security Algorithm Suite 2.0, and incorporate all applicable Technical Decisions.
NIAP endorses and publishes the collaborative Protection Profile Module for Biometrics, Version 1.1 (22 September 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce it has endorsed the collaborative Protection Profile (cPP) Module for Biometrics, Version 1.1 and published the cPP-Module and Supporting Document to the NIAP-Approved PP List. This endorsement is a formal statement that products successfully evaluated against PP-Configurations which include the cPP-Module that demonstrate exact conformance to the PP-Configuration, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List (PCL).
Protection Profile for Mobile Device Fundamentals v3.3 Published (22 September 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Mobile Device Fundamentals, Version 3.3. This is a minor update to provide support to biometrics and incorporates all applicable Technical Decisions.
NIAP Progress Report - Second Quarter 2022 (16 August 2022)
See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.
Call for Participants in the Redaction Technical Community (11 July 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Redaction PP-Module V1.0. Members of this TC are expected to provide technical input to update the Module to align with the Protection Profile for Application Software V1.4.
Please note: If you are already a member of this Technical Community, there is no need to re-apply.
All interested parties should contact NIAP/CCEVS at tc-redaction-staff@niap-ccevs.org, providing the information listed below for each potential participant:
- Name
- Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
- Telephone number
- Email address
- A brief statement of the qualifications for participation in the TC
NIAP plans to hold the Kick-Off meeting in the latter half of Q3 CY2023. We look forward to your participation!
NIAP Progress Report - First Quarter 2022 (05 July 2022)
See the NIAP First Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.
Position Statement on the CC in the Cloud Working Group (04 May 2022)
The National Information Assurance Partnership, Canadian Common Criteria Scheme, and Australian Certification Authority have issued a joint position statement in support of the CC in the Cloud Working Group and its CC in the Cloud Essential Security Requirements (ESR), v0.3, dated 2 March 2022.
The Position Statement is posted on the NIAP website on its Publications page and can be found here: https://www.niap-ccevs.org/MMO/GD/CC%20in%20the%20Cloud%20Position%20Statement%20v1.0.pdf
The ESR is posted on the CC in the Cloud Working Group's github page and can be found here: https://github.com/CC-in-the-Cloud/Admin/blob/Working/ESR/CC_in_the_Cloud_ESR.pdf
PP-Modules for WLAN Client v1.0 and WLAN AS v1.0 Published! (20 April 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile-Modules for Wireless LAN Access System (WLAN AS) and Wireless LAN Client (WLAN Client) PP-Modules v1.0. These updates include the conversion to Module, incorporation of Wi-Fi Protected Access 3 (WPA3), updates to support Wi-Fi 6E, and incorporates all applicable Technical Decisions.
NIAP 2021 Annual Report (04 April 2022)
See the NIAP 2021 Annual Report to learn about NIAP accomplishments and activities in 2021. Read the report here.
PP-Modules for VPN Client v2.4 and VPN Gateways v1.2 Published! (31 March 2022)
The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile-Modules for Virtual Private Network (VPN) Client, Version 2.4 and VPN Gateways, Version 1.2. This is a minor update to incorporate two-factor authentication and incorporates all applicable Technical Decisions.